The SAML identifier generated within SAML2Utils.java was found to make use of the apache commons-lang3 RandomStringUtils class which makes them predictable due to RandomStringUtils PRNG's algorithm not being cryptographically strong. This issue only affects the 3.X release of pac4j-saml.
SAP Customer Data Cloud (Gigya mobile app for Android) - version 7.4, uses insecure random number generator program which makes it easy for the attacker to predict future random numbers. This can lead...
A casting error in Chicken before 4.8.0 on 64-bit platform caused the random number generator to return a constant value. NOTE: the vendor states "This function wasn't used for security purposes (and ...
A cryptograhic flaw in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 could be abused by an unauthenticated user to discover an invariant used in gift card generat...
Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1 uses cryptographically weak random number generator to brute-force the confirmation code for customer registration.
An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of the insecure rand() function within the process of generating the 2FA secret.
BTCPay Server through 1.0.7.0 uses a weak method Next to produce pseudo-random values to generate a legacy API key.